A method and apparatus are provided for generating a parameter value to be used as a parameter for a random number generator. A random value is generated and the random value is mapped to a prime number. The parameter value is generated by multiplying the prime number by previously selected prime numbers....http://www.google.co.uk/patents/US7016925?utm_source=gb-gplus-sharePatent US7016925 - Random number generators

A method and apparatus are provided for generating a parameter value to be used as a parameter for a random number generator. A random value is generated and the random value is mapped to a prime number. The parameter value is generated by multiplying the prime number by previously selected prime numbers. Each parameter value is then used as one of a plurality of parameters for the random number generator.

Images(15)

Claims(53)

1. A method of generating a parameter for a random-number generator, comprising:

(1) generating a value;

(2) using the value to select a prime number;

(3) generating the parameter based on the selected prime number and a second prime number; and

(4) outputting the parameter for use with the random-number generator.

2. The method of claim 1, wherein step 4 comprises:

using the parameter for a linear congruential random-number generator.

3. The method of claim 2, further comprising:

(5) passing an output of the linear congruential random-number generator through a block encryptor.

4. The method of claim 1, further comprising:

(5) using an output of the random number generator to establish a pseudo-randomly selected network address that is used to transmit a digital computer message.

5. The method of claim 3, further comprising:

(6) using an output of the random number generator to establish a pseudo-randomly selected network address that is used to transmit a digital computer message.

6. The method of claim 1, wherein the second prime number comprises a previously selected prime number.

7. The method of claim 6, wherein step (3) comprises generating the parameter by multiplying the selected prime number by the second prime number.

8. The method of claim 7, further comprising repeating steps (1) through (3) a plurality of times while the parameter is less than a predetermined value, wherein the parameter generated during each iteration of steps (1) through (3) is a product of a most recently selected one of the selected prime numbers and previously selected prime numbers.

9. The method of claim 1, wherein step (2) comprises mapping the generated value to the prime number based on a nonlinear distribution function.

10. The method of claim 1, wherein step 2 comprises:

searching through an ordered table of entries, each of the entries including a prime number and a weight, a respective prime number from one of the entries being selected based on the parameter and a corresponding one of the weights.

12. The method of claim 1, further comprising repeating steps (1)–(4) for a plurality of random number generators.

13. A method of generating a parameter for a random-number generator, comprising:

(1) generating a first value;

(2) using the first value to select a first prime number P;

(3) generating a second value;

(4) using the second value to select a number K such that PK is at most equal to a predetermined maximum number;

(5) generating the parameter as a function of PK; and

(6) outputting the parameter for use with the random-number generator.

14. The method of claim 13, further comprising:

(7) generating a third value;

(8) using the third value to select a second prime number;

(9) generating a second parameter by multiplying the selected second prime number by at least one previously selected prime number; and

(10) using the parameter and the second parameter as parameters for the random-number generator.

15. The method of claim 14, wherein the random-number generator is a linear-congruential random-number generator.

16. The method of claim 15, further comprising:

(11) passing an output of the linear congruential random-number generator through a block encryptor.

17. The method of claim 16, further comprising:

(12) using an output of the linear congruential random-number generator to establish a pseudo-randomly selected network address that is used to transmit a digital computer message.

18. The method of claim 14, further comprising repeating acts (7) through (9) a plurality of times while the second parameter is less than a predetermined value, wherein the second parameter generated during each iteration of acts (7) through (9) is a product of a most recently selected one of the selected prime numbers and previously selected prime numbers.

using the parameter for a linear congruential random-number generator.

21. The method of claim 20, further comprising:

(7) passing an output of the linear congruential random-number generator through a block encryptor.

22. The method of claim 21, further comprising:

(8) using an output of the linear congruential random-number generator to establish a pseudo-randomly selected network address that is used to transmit a digital computer message.

23. The method of claim 13, wherein step 2 comprises:

searching through an ordered table of entries, each of the entries including a prime number and a weight, a respective prime number from one of the entries being selected based on the first parameter and a corresponding one of the weights.

26. An apparatus for generating a parameter for a random-number generator, the apparatus comprising:

means for mapping a random value to a prime number P; and

means for generating the parameter by multiplying the prime number P by at least one previously selected prime number.

27. The apparatus of claim 26, wherein the means for generating produces the parameter for a linear congruential random-number generator.

28. The apparatus of claim 27, further comprising:

a block encryptor, wherein an output of the linear congruential random-number generator is arranged to be passed through the block encryptor.

29. The apparatus of claim 26, wherein the prime number mapper is arranged to search through an ordered table of entries, each of the entries including a prime number and a weight, a respective prime number from one of the entries being selected based on the random value and a corresponding one of the weights.

30. An apparatus for generating a parameter for a random-number generator, the apparatus comprising:

first means for mapping a random value to a prime number P;

second means for mapping a second random value to a number K such that PK is at most equal to a predetermined maximum number; and

means for generating a parameter as a function of PK, wherein the second means for mapping is included within the means for generating.

31. The apparatus of claim 30, wherein the means for generating produces the parameter for a linear congruential random-number generator.

32. The apparatus of claim 30, further comprising:

a block encryptor, wherein an output of the linear congruential random-number generator is arranged to be passed through the block encryptor.

33. The apparatus of claim 30, wherein the prime number mapper is arranged to search through an ordered table of entries, each of the entries including a prime number and a weight, a respective prime number from one of the entries being selected based on the random value and a corresponding one of the weights.

34. A machine-readable medium having information including instructions for a processor recorded thereon, the instructions comprising:

(1) generating a random value;

(2) using the random value to select a prime number;

(3) generating a parameter based on the selected prime number and a second prime number; and

(4) outputting the parameter for use as a parameter for a random number generator.

using the parameter for a linear congruential random-number generator.

36. The machine-readable medium of claim 35, further having instructions comprising:

(5) passing an output of the linear congruential random-number generator through a block encryptor.

37. The machine-readable medium of claim 36, further having instructions comprising:

(6) using an output of the linear congruential random-number generator to establish a pseudo-randomly selected network address that is used to transmit a digital computer message.

38. The machine-readable medium of claim 34 further having instructions comprising:

(5) using an output of the random-number generator to establish a pseudo-randomly selected network address that is used to transmit a digital computer message.

39. The machine-readable medium of claim 38, further having instructions comprising repeating steps (1) through (3) a plurality of times while the parameter is less than a predetermined value, wherein the parameter generated during each iteration of steps (1) through (3) is a product of a most recently selected one of the selected prime numbers and previously selected prime numbers.

searching through an ordered table of entries, each of the entries including a prime number and a weight, a respective prime number from one of the entries being selected based on the random value and a corresponding one of the weights.

41. The machine-readable medium of claim 34, wherein the second prime number comprises a previously selected prime number.

42. The machine-readable medium of claim 41, wherein step (3) comprises generating the parameter by multiplying the selected prime number by the second prime number.

43. A machine-readable medium having instructions recorded thereon for a processor to generate a parameter for a random-number generator, the instructions comprising:

(1) generating a first value;

(2) using the first value to select a first prime number P;

(3) generating a second value;

(4) using the second value to select a number K such that PK is at most equal to a predetermined maximum number; and

(5) generating the parameter as a function of PK.

44. The machine-readable medium of claim 43, further having instructions comprising:

(6) generating a third value;

(7) using the third value to select a second prime number; and

(8) generating a second parameter by multiplying the selected second prime number by at least one previously selected prime number.

45. The machine-readable medium of claim 44, further having instructions comprising:

(9) using the parameter and the second parameter as the parameter of a linear congruential random-number generator.

46. The machine-readable medium of claim 45, further having instructions comprising:

(10) passing an output of the linear congruential random-number generator through a block encryptor.

47. The machine-readable medium of claim 46, further having instructions comprising:

(11) using an output of the linear congruential random-number generator to establish a pseudo-randomly selected network address that is used to transmit a digital computer message.

48. The machine-readable medium of claim 44, further having instructions comprising repeating acts (6) through (8) a plurality of times while the second parameter is less than a predetermined value, wherein the second parameter generated during each iteration of acts (6) through (8) is a product of a most recently selected one of the selected prime numbers and previously selected prime numbers.

49. The machine-readable medium of claim 43, further having instructions comprising:

(6) using the parameter as the parameter of a linear congruential random-number generator.

50. The machine-readable medium of claim 49, further having instructions comprising:

(7) passing an output of the linear congruential random-number generator through a block encryptor.

51. The machine-readable medium of claim 50, further having instructions comprising:

(8) using an output of the linear congruential random-number generator to establish a pseudo-randomly selected network address that is used to transmit a digital computer message.

52. The machine-readable medium of claim 43, further having instructions comprising:

using the parameter as the parameter for the random-number generator, wherein

an output of the random-number generator is used to establish a pseudo-randomly selected network address that is used to transmit a digital computer message.

searching through an ordered table of entries, each of the entries including a prime number and a weight, a respective prime number from one of the entries being selected based on the first value and a corresponding one of the weights.

Description

CROSS REFERENCE TO RELATED APPLICATION

This application is a continuation application of application Ser. No. 09/833,684, filed Apr. 13, 2001, now U.S. Pat. No. 6,691,141, issued Feb. 10, 2004, entitled Method And Apparatus For Generating Random Number Generators, herein incorporated by reference in its entirety for all purposes.

FIELD OF THE INVENTION

Aspects of this invention pertain to the field of random number generators. More particularly, this invention pertains to generating parameters for a large number of random number generators.

BACKGROUND OF THE INVENTION

FIG. 1 illustrates a cryptologically weak random number generator (CWRNG) 100. Examples of CWRNG's are a linear congruential random number generator (LRNG) and a quadratic congruential random number generator (QRNG). Random number generators are widely used in cryptographic applications, such as for encrypting digital computer messages transmitted over a network.

LRNG's are recursions in x of a form xi+1=(a*xi+b)%c, where * denotes multiplication and % denotes a modulo function. For example, (a*xi+b)%c would produce an integer in a range of 0 to (c-1). a, b and c, the LRNG parameters, along with x0, the LRNG starting value determine succeeding values of x. The LRNG will cycle through all numbers in the range from 0 to c-1 in pseudo-random order before repeating (i.e. it has a period of c, the maximum period), if and only if:

1. b is relatively prime to c (that is , no prime factors of c are prime factors of b);

2. (a-1) is a multiple of p for every prime number p dividing c; and

3. (a-1) is a multiple of 4 if c is a multiple of 4.

Further, in order to prevent (a-1) from being a predictable value, c should not divide evenly into (a-1). This can be accomplished by imposing a fourth rule as follows:

4. at least one prime factor in c is raised to a power greater than 1 and the same prime factor used in (a-1) must be raised to a power less than the power used to raise that prime factor in c.

QRNG's are recursions in x of a form x=(d*x*x+a*x+b)%c, which generates a series of integers in a range from 0 to (c-1). a, b, c and d, the QRNG parameters, along with x0, the QRNG starting value determine the succeeding values of x. A QRNG will cycle through all numbers in a range of 0 to (c-1) in psuedo-random order before repeating (i.e. it has a period of c, the maximum period), if and only if:

1. b is relatively prime to c;

2. d and (a-1) are both multiples of p for every odd prime number p dividing c;

3. d is even and d is congruent to (a-1)%4 if c is a multiple of 4;

4. d is congruent to (a-1)%2 if c is a multiple of 2; and

5. either d%9=0 or a%9=1 and (b*d)%9=6 if c%9=0.

Further, in order to prevent (a-1) and d from having predictable values, c should not divide evenly into (a-1) and d.

While LRNG's and QRNG's provide a fast and efficient method for generating quasi-random numbers, they have certain disadvantages. An outside observer can determine succeeding outputs from either a LRNG or a QNRG after observing a short sequence of outputs.

FIG. 2 shows a two-stage random number generator, which includes a cryptologically weak random number generator 100 with an output stream 110. The output stream may be encrypted by a block encryptor 210 making it difficult for an outside observer to successfully attack this system by observing the output 212 of the block encryptor 210.

Random number generators may be used in a communication system (e.g., Internet) where large numbers of random number generators may be used and frequently re-keyed to provide security to communications occurring in the system by, for example, providing security keys for encrypting and decrypting such communications.

Data in a communication system is placed in packets. Each packet is sent from a source to a destination and may pass through one or more intermediate locations before reaching its destination. The security keys allow for the data to be encrypted at the source and decrypted at the destination, such that an unintended recipient, for example, a hacker monitoring one of the intermediate locations, is unable to decrypt the data contained in the packets because he does not possess the security keys.

Random numbers generated by cryptologically weak random number generators will eventually repeat. The repeating numbers are in an easily guessable sequence of random numbers. The cryptologically weak random number generator, the encryptor or both, should be re-keyed well before the sequence repeats.

The time for re-keying the cryptologically weak random number generator should be short for two reasons: (1) a system crash will make the re-keying of many cryptologically weak random number generators necessary and slow re-keying would effectively extend an outage; and (2) re-keying is non-productive overhead for a system during normal “sunny day” operation of the system. As such, it is appropriate to limit this overhead to be at most x percent of the system's resources. The overhead is limited to x percent of the system's resources when:
T<=0.01x c/p, (1)
where T is the time to re-key in seconds, c is the number of packets transmitted between re-keys (directly proportional to cycle length) and p is the maximum speed of the data in packets per second. For instance, if x=0.1, c=1,000,000 packets, and p=100,000 packets per second, then T can be at most 10 milliseconds, with re-keying occurring every 10 milliseconds. Typically, cryptologically weak random number generators, such as linear congruential random number generators (LRNG's) and quadratic congruential random number generators (QRNG's) can be combined to achieve a long cycle. Therefore, re-keying after a crash is a limiting constraint.

The re-keying should yield practically unguessable random number generators. The parameters for the random number generator should not exhibit a strong bias that would make them easily determined by an observer. For instance, if the parameters for a ten parameter cryptologically weak random number generator were restricted to being one of the 6,542 primes between 2 and 65,535, over ten orders of magnitude fewer unique cryptologically weak random number generators would be possible than would be if the parameters were selected as being any integer in the range 2-65,535. However, generating cryptologically weak random number generators with known long non-repeating cycles restricts the choice of parameters and increases the predictability of parameters. This increase in predictability should be minimized.

SUMMARY OF THE INVENTION

A method and apparatus are provided for generating parameters for a random number generator. A random value is generated and the random value is mapped to a prime number. Each of the parameters is generated by multiplying the prime number by previously selected prime numbers. The principles of the invention allow a large number of random number generators to be quickly re-keyed.

FIG. 2 illustrates the stream of random numbers generated by the cryptologically weak random number generator being encrypted by a block encryptor;

FIGS. 3A and 3B show a first embodiment of the invention;

FIGS. 3C and 3D show a second embodiment of the invention;

FIGS. 3E and 3F show a third embodiment of the invention;

FIGS. 4A through 4B illustrate a flowchart for explaining processing in an embodiment of the prime number mapper;

FIG. 5 shows an example of an apparatus for a random number generator;

FIG. 6 is a flowchart which explains processing to calculate an exponent for a generated prime number;

FIGS. 7A through 7E show a flowchart for explaining processing in an example of a parameter value producer to produce parameter values for parameters of a random number generator; and

FIG. 8 illustrates a use for the random number generator in which one of a number of network addresses may be used.

DETAILED DESCRIPTION

FIG. 3A is a functional block diagram illustrating an embodiment of the invention. Noise source 402 may be, for example, a noise generator, such as a ST-NG1 noise generator manufactured by Radio Design Labs (RDL), to generate noise and thereby provide a random number in a range from 0 to 1, to prime number mapper 404. Prime number mapper 404 maps noise values to prime numbers, preferably using a nonlinear probability distribution as described in more detail herein. The prime numbers produced by prime number mapper 404 are used by parameter value producer 406 to produce a parameter value by multiplying a generated prime number by a previously-generated prime number to produce the parameter value. The produced parameter values are used by a random number generator, such as the LRNG, as parameters a, b and c. Xi+1, the output of the LRNG is then fed to the block encryptor 410 to be encrypted. Although this embodiment is shown as being used with the LRNG at 408, the invention is not limited to being used only with the LRNG, but may also be used with other random number generators. Moreover, the inventive principles can be practiced without using block encryptor 410.

FIG. 3B provides a more detailed view of one embodiment of the parameter value producer 406. In this embodiment of the parameter value producer, the parameter value producer includes a multiplier 407 to multiply the prime factors derived from the prime number mapper to produce a parameter value.

FIG. 3C shows a system according to the invention with a second embodiment of a parameter value producer 412 which produces a parameter value by raising a prime number Pi from the prime number mapper to a power, for example the Kth power, to produce PiK and multiplying the resultant value by another number Pi+1, generated by the prime number mapper.

FIG. 3D provides a more detailed view of one embodiment of the parameter value producer 412. Multiplier 414 receives input from the prime number mapper and may receive input from power generator 415. The power generator receives a prime number Pi from the prime number mapper and a random number N based on the noise source 402, such that 0≦N≦1. The power generator then generates an exponent K, based on N, to be used with Pi to produce PiK. PiK is then fed into multiplier 414, which receives another prime number Pi+1, from the prime number mapper and produces PiK*Pi+1. This embodiment of the parameter value producer may also produce parameter values based on primes generated from the prime number mapper without using the power generator. That is, values such as Pi*Pi+1, as described in the embodiment of FIGS. 3A and 3B may be produced.

FIG. 3E shows a system according to the invention with a third embodiment of a parameter value producer 420 which produces the parameter value by raising a prime number Pi from the prime number mapper to a power, for example the Kth power, PiK and multiplying the resultant value by another number Pi+1 raised to the Lth power.

FIG. 3F provides a more detailed view of one embodiment of the parameter value producer 420. The power generator receives a prime number Pi from the prime number mapper and a random number N based on the noise source 402, such that 0≦N≦1. The power generator then generates an exponent K, based on N, to be used with Pi to produce PiK. A next prime number Pi+1, arrives from the prime number mapper and is fed into the power generator. A second random number, based on the noise source, in a range from 0 to 1 arrives as input to the power generator, which generates an exponent L, based on the newly arrived random number and produces (Pi+1)L. Multiplier 421 multiplies PiK*(Pi+1)L to produce a parameter value.

In one embodiment, the prime number mapper uses a table, such as shown in Table 1, that maps prime numbers to a nonlinearly assigned value. Each entry in Table 1 includes a prime number, followed by a cumulative weight. For example, the first entry in Table 1 is 2, a prime number, followed by the cumulative weight of selecting 2 as a prime factor. The table has entries for all prime numbers from 2 through 65,213 with their respective cumulative weights. The cumulative weights were derived empirically and were constructed to make the generated parameter values as unbiased as possible. Because the weights in the table are cumulative, larger prime numbers have larger cumulative weights than smaller prime numbers.

In a range of integers from 1 to N, where N is a maximum allowed number, about half of the integers have 2 as a prime factor, about ⅓ of the integers have 3 as a prime factor, about ⅕ of the integers have 5 as a prime factor and so on. The cumulative weights of Table 1 were derived by assigning cumulative weights to each of the prime numbers and generating at least 100,000 numbers from prime numbers using a noise generator to generate a random value, the prime number mapper to generate a prime number based on the random value, and multiplying the generated prime numbers to generate a product, such that the generated product was less than or equal to a maximum number. The prime factors of each of the generated numbers were then analyzed to determine whether they occurred substantially at the expected frequency, i.e. whether 2 was a prime factor of half of the numbers, whether 3 was a prime factor of ⅓ of the numbers and so on. If the expected occurrence frequency was not observed, the cumulative weights of the prime numbers were adjusted until the expected occurrence frequency was substantially observed.

The processing in a software implementation of the prime number mapper 404 is shown in FIGS. 4A and 4B. The processing described in FIGS. 4A and 4B uses the table, as shown in Table 1, in which each entry includes a prime number and a cumulative weight.

In FIG. 4A, at p500, because a desired range of prime numbers may not include the range of prime numbers from 2 through 65,213, as defined in Table 1, i.e. the range may include a smaller set such as prime numbers less than 10,000, a largest prime number less than or equal to a maximum desired number is found from among the table of prime numbers. This can be accomplished using a number of techniques, such as analyzing each prime number entry starting from the end of the table until a prime number entry less than the maximum desired number is found. Another technique includes performing a binary search over the table of primes. The binary search is a well-known technique. The search could be performed by examining the prime number in the middle of the ordered prime number table and determining whether that number is less than the maximum desired number. If it is, then the prime value at a mid portion of a portion of the table between the examined prime number and the end of the table is examined. Otherwise, the prime value at the mid portion of the table between the beginning of the table and the currently examined number is examined. The remaining portions of the table are repeatedly divided in half and the mid values examined until the remaining portion of the table examined includes only one prime number, and that prime number is less than the maximum number.

At p502, the cumulative weight of selecting a prime number within a range of a smallest prime number, for example, 2, to the largest desired prime number is determined by subtracting the cumulative weight for the largest prime number in the desired range (derived from the table) from the cumulative weight of the smallest prime number (derived from the table). This value is stored in Ac.

P504 through p522 perform a modified binary search over the prime number/cumulative weight table, for example, the table of Table 1. A portion of the table searched depends on a comparison between a random number rn, which is in a range such that 0<rn≦1 and a ratio of a cumulative weight of an entry at a midpoint of a searched portion of the table and a cumulative weight of a maximum desired prime number. A size of a searched portion is repeatedly cut in half until no more than two entries remain in the searched portion.

At p504, min, an index to the smallest prime number entry in the prime number/cumulative weight table is set.

At p506, max, an index to the largest prime number entry in the prime number/cumulative weight table is set equal to the total number of primes in the prime number/cumulative weight table minus 1.

At p508, mid is set equal to (max+min) divided by 2. Thus, mid is an index to a midpoint entry within a range of entries of the prime number/cumulative weight table between an entry corresponding to the entry pointed to by min and an entry corresponding to the entry pointed to by max.

At p510, an integer random number in a range from 0 to a predetermined maximum integer M is generated. The random number may be generated based on noise from a noise source such as a noise generator. The random number is divided by (M+1), producing a number z, such that 0≦z<1. The number z is then stored in rn. Alternatively, the generated random number may not necessarily be an integer, but may be the number z, such that 0≦z<1, thus eliminating a need to divide the generated random number by (M+1).

At p512, the cumulative weight of a prime number in the middle of the range between max and min is determined by using the prime number/cumulative weight table to obtain the cumulative weight of the table entry indexed by mid and subtracting from this cumulative weight the cumulative weight of the smallest prime number in the prime/number cumulative weight table. This difference is then stored in Am.

At p514, rn is compared with Am divided by Ac. If rn is less than Am divided by Ac, then p516 will be performed to set max equal to mid. Otherwise, p518 will be performed to set min equal to mid.

At p520, mid is set to (max+min) divided by 2, thus setting a new midpoint to a portion of the prime number/cumulative weight table.

At p522, (max−min) is compared with 1 and if greater than 1, p512 through p522 will again be performed, otherwise, the prime number from the prime number entry in the prime number/cumulative weight table pointed to by the min index is returned.

FIG. 6 explains the processing of a procedure which determines an exponent to be used with a generated prime number. This procedure may be used in an embodiment of the power generator 415 of FIG. 3D and 422 of FIG. 3F.

At p702, Power is set to 1.

At p704, a maximum random value that can be generated is added to 1 and the resulting sum is divided by an already selected prime number, for example, Pi, and stored in Scale.

p706, a random value between 0 and 1, based on a noise source is multiplied by a predetermined number to produce a random value in a range from 0 to the maximum random value.

At p708, Pwr_Prime is set equal to the previously selected prime number squared, for example (Pi)2.

At p710, a check is made to determine whether Scale is greater than the generated random number, which is in the range from 0 to the maximum random value, and whether Pwr_Prime is less than or equal to a previously determined maximum prime factor. If not, at p712 the value of power is returned. Otherwise, at p714 power is incremented by 1.

At p716, the value of Scale is reduced by dividing Scale by the previously selected prime number, for example, Pi.

At p718, Pwr_Prime is multiplied by the prime number, Pi.

P710 through p718 will continue to be performed until the check at p710 determines that Scale is not greater than the generated random value or Pwr_Prime is greater than the maximum prime factor causing p712 to return a current value of Power.

FIG. 5 illustrates an example of an apparatus for a random number generator 600. The apparatus includes a CPU 602 and storage, such as a memory 604. The apparatus may also include a disk drive 606 which may be a hard drive or a floppy drive or an optical storage medium. A disk 610, which would reside in disk drive 606 may include data and instructions for the CPU 602 to map random values to prime numbers and produce parameter values for a random number generator.

FIGS. 7A through 7E illustrate a flowchart which describes the processing in an embodiment of the parameter value producer 412, shown in FIGS. 3E and 3F for generating parameter values which conform to the desirable properties for parameter values previously described for parameters a, b and c of a LRNG random number generator. Note that A, B and C in the flowchart correspond to a, b and c parameters of a LRNG.

At p804, request and receive from the prime number mapper a prime number P, such that the prime number P is less than the square root of the maximum parameter value.

At p806, the received prime number P is stored in a table in order to keep track of prime factors that are now unavailable. These numbers will not be produced by the prime number mapper.

At p810, the power generator determines a power K using, for example, the procedure described in FIG. 6. If a value of 1 is returned for K, it will be set to 2.

At p811, C is set to be the prime number P raised to the K power, thus satisfying rule 4 of desirable properties for LRNG's.

At p812, the smallest available prime is adjusted taking the just selected prime P into account.

At p813, the maximum parameter value is scaled down by dividing it by Pk.

At p814, a check is made to determine whether the maximum parameter value is greater than the smallest available prime number. If it is not, then processing proceeds to p830. Otherwise processing proceeds to p818. Note that as primes are generated to build the parameter, they may not be reused. Thus, if 2 were selected, then 2 may no longer be the smallest available prime number. The Maximum Parameter Value is a predetermined value which may depend on a word size of the computer. For example, if the word size is 32 bits, then a Maximum Parameter Value of 65,536 may be desired.

At p818, using the procedure described in FIG. 4A and FIG. 4B, a prime number P is received from the prime number mapper.

At p819, the power generator determines a power K and produces PK.

At p820, the prime number P is made unavailable to the prime number value mapper.

At p823, C is updated to be equal to itself multiplied by the last selected prime number P raised to the K power.

At p824, the smallest available prime number is adjusted.

At p825, the maximum parameter value is scaled down by dividing it by Pk.

P814–p825 repeat until the check at p814 determines that the maximum parameter value is greater than the smallest available prime number. If this determination is made, then processing proceeds to p830.

At p830, the maximum parameter value is reset to the maximum desired parameter value.

At p831, parameter B is set to 1.

At p834, a next prime value P is received from the prime number mapper. Since, according to rule 1 of the desirable properties for LRNG's, B is relatively prime to C, the received prime number P is not selected from the unavailable prime numbers which were used to generate C.

At p835, the power generator determines a power K and produces PK.

At p836, the prime number P is marked as unavailable.

At p837, the parameter B is multiplied by the last selected prime factor P raised to the K power to produce an updated value of B.

At p838, the smallest available prime number is adjusted.

At p839, the maximum parameter value is scaled down by dividing it by Pk.

At p840, a check is made to determine whether the maximum parameter value is greater than the smallest available prime number. If it is not, then processing proceeds to p841. Otherwise processing proceeds to p834.

At p841, All primes used in B are made available.

At p845, the maximum parameter value is reset to the maximum desired parameter value and the smallest available prime number is adjusted.

In order to satisfy rule 2 for LRNG's, at p846, AMinusOne is set equal to the product of all primes P that divide C by setting AMinusOne to the product of all prime factors stored in the table used to keep track of the prime factors of C.

At p847, FreeAminusOne is set to 1.

In order to satisfy rule 3 for LRNG's, at p848, a check will be made to determine whether C is a multiple of 4, and if so, p850 will be performed to multiply AMinusOne by 2, thereby making AMinusOne a multiple of 4 also. In addition, FreeAminusOne will set to 2.

At p856, a next prime P is received from the prime number mapper.

At p857, the power generator determines a power K and produces PK.

At p858, AMinusOne is updated to be equal to a product of AMinusOne and Pk and FreeAminusOne is updated to be equal to a product of FreeAMinusOne and Pk.

At p859, the smallest available prime number is adjusted and at p860, the maximum parameter value is scaled by dividing it by PK.

At p861, a check is made to determine whether FreeAMinusOne is greater than or equal to the smallest available prime number, and if not, A is set to (AMinusOne+1)%C. Otherwise, the process returns to p856.

Thus, if FreeAMinusOne is greater than or equal to the smallest available prime number then AMinusOne continues to be multiplied by prime numbers.

By performing a procedure such as described in FIGS. 7A–7E, one could easily see that the parameters a, b and c for the linear congruential (LRNG) random number generator conform to the four (4) rules described previously.

FIGS. 7A through 7E show an implementation for use with a LRNG random number generator; however, other generators may be used as well.

An embodiment of the invention may be used to generate quasi-random numbers for at least a portion of the network addresses for use in transmitting data packets in a communication network. For example, FIG. 8 illustrates two network nodes, 902 and 904, which are in communication with each other. For simplicity, the tables 906 and 912 only refer to addresses used for communication between these two nodes only. Further, for simplicity, this example shows entire addresses being generated from quasi-random numbers; however, partial addresses, partial headers and parts of other fields may be generated from quasi-random numbers. For example, table 906 in network node 902 illustrates a list of source addresses, in the S column and a list of destination addresses in the D column. This table corresponds to table 912 in network node 904 which contains information corresponding to table 906. For example, the source information of table 906 is reflected as the destination information of table 912 and vice versa. The tables generally would be much larger than shown, for example one hundred or one thousand addresses or more. Each pair of addresses (e.g., a source and a destination address) can be used once to transmit a single message, such that each message appears to contain a randomly-generated pair of network addresses.

An embodiment of the invention would be used to generate quasi-random tables for both node 902 and node 904 so that both nodes can keep track of the addresses to be used. For example, consecutive data packets sent from node 902 to node 904 may have the following source/destination addresses, respectively, 10/14; 13/15; 19/18; 22/6; 4/29. Thus, to an observer, such as a hacker, the addresses would appear to hop from one address to another in a seemingly random fashion although communications are taking place between node 902 and node 904.

The above embodiment may be implemented by using, for example, a LRNG random number generator and the embodiment as shown in FIGS. 3C and 3D to generate parameter values for parameters a, b and c. xi+1 the output of the LRNG may then be fed through the block encryptor 410. The resultant values of xi+1 could be used as network addresses or parts of network addresses in the tables.

Embodiments of the invention may be implemented in hardware, software, or firmware. The firmware may be in a read-only memory and the software may reside on a medium such as a floppy disk, optical, disk, or CDROM, for example.

While the invention has been described with reference to certain illustrated embodiments, the words which have been used herein are words of description, rather than words of limitation. Changes may be within the purview of the appended claims without departing from the scope and spirit of the invention in its aspects. Although the invention has been described herein with reference to particular structures, acts, and materials, the invention is not to be limited to the particulars disclosed but rather extends to all equivalent structures, acts, and materials, such as are within the scope of the appended claims.